From: Soyoung Kim
Date: Tue, 5 Mar 2013 06:35:59 +0000 (+0900)
Subject: Add encrypt/decrypt API from trust zone
X-Git-Tag: 2.1b_release~6^2~9
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=389e38f8c7060bb4d219818fa212970e85b39f72;p=framework%2Fweb%2Fwrt-commons.git

Add encrypt/decrypt API from trust zone [Issue#] N/A [Problem] N/A [Cause] N/A [Solution] Add API for encryption/decryption from trust zone. [SCMRequest] N/A
---
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 45cc829..d36d0dc 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -46,6 +46,7 @@ ELSE(DPL_LOG AND NOT CMAKE_BUILD_TYPE MATCHES "profiling")
 ENDIF(DPL_LOG AND NOT CMAKE_BUILD_TYPE MATCHES "profiling")
 OPTION(WITH_TESTS "Build tests" OFF)
+ ADD_DEFINITIONS("-DDPL_LOGS_ENABLED")
 #@@@@@@@@@@@@@ # Compiler flags
 SET(CMAKE_C_FLAGS_PROFILING "-O2")
diff --git a/build/encryption/CMakeLists.txt b/build/encryption/CMakeLists.txt
index 7949864..e96b3dd 100644
--- a/build/encryption/CMakeLists.txt
+++ b/build/encryption/CMakeLists.txt
@@ -23,6 +23,7 @@ INCLUDE(FindPkgConfig)
 PKG_CHECK_MODULES(SYS_ENCRYPTION
 dlog
 openssl
+ osp-appfw
 REQUIRED )
@@ -56,6 +57,7 @@ TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION}
 TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} "-ldukgenerator" )
 TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} "-lcryptsvc" )
+TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} -L/usr/lib/osp -losp-appfw )
 # Target library properties
 SET_TARGET_PROPERTIES(${TARGET_DPL_ENCRYPTION} PROPERTIES
diff --git a/modules/encryption/include/dpl/encryption/resource_decryption.h b/modules/encryption/include/dpl/encryption/resource_decryption.h
index a6d7af0..1f10fdb 100644
--- a/modules/encryption/include/dpl/encryption/resource_decryption.h
+++ b/modules/encryption/include/dpl/encryption/resource_decryption.h
@@ -28,8 +28,6 @@
 #include
 #include
-extern char** calculate(char*pappId, int idLen, int keyLen);
-
 namespace WRTDecryptor {
 class ResourceDecryptor
 {
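Review bot: The `ADD_DEFINITIONS("-DDPL_LOGS_ENABLED")` line that the top-level CMakeLists.txt hunk appears to add sits after `ENDIF(DPL_LOG AND NOT CMAKE_BUILD_TYPE MATCHES "profiling")`, so it would define DPL_LOGS_ENABLED for every build, regardless of the DPL_LOG option and the profiling exclusion. The commit message does not mention it, and the conditional it follows starts outside the hunk, so what that block already defines cannot be checked here. The same commit adds `LogDebug` calls next to code that handles plaintext and ciphertext buffers, so always-on logging should be a deliberate choice: drop the line if it was a debugging aid, or keep the define inside the existing DPL_LOG conditional.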
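Review bot: In build/encryption/CMakeLists.txt the added `TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} -L/usr/lib/osp -losp-appfw )` hard-codes a library directory, although the first hunk of the same file already adds osp-appfw to `PKG_CHECK_MODULES(SYS_ENCRYPTION ...)`. A fixed `-L` path breaks with a different libdir or sysroot and puts a whole directory on this target's linker search path. If the osp-appfw pkg-config file exports its library directory, `TARGET_LINK_LIBRARIES(${TARGET_DPL_ENCRYPTION} ${SYS_ENCRYPTION_LDFLAGS})` would carry it; whether the target already links that variable is not visible in this hunk.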
@@ -51,9 +49,17 @@ class ResourceDecryptor
 unsigned char* decBuf, size_t chunkSize);
+ /* TrustZone */
+ int DecryptChunkByTrustZone(
+ std::string pkgid,
+ const unsigned char *inBuffer,
+ int inBufSize);
+ void getDecryptStringByTrustZone(unsigned char *decBuffer);
+
 private:
 AES_KEY* GetDecryptionKey();
 AES_KEY m_decKey;
+ void *m_getBuffer;
 };
 } //namespace WRTDecryptor
diff --git a/modules/encryption/include/dpl/encryption/resource_encryption.h b/modules/encryption/include/dpl/encryption/resource_encryption.h
index f2e4988..32d7132 100644
--- a/modules/encryption/include/dpl/encryption/resource_encryption.h
+++ b/modules/encryption/include/dpl/encryption/resource_encryption.h
@@ -28,8 +28,6 @@
 #include
 #include
-extern char** calculate(char*pappId, int idLen, int keyLen);
-
 namespace WRTEncryptor {
 class ResourceEncryptor
 {
@@ -53,9 +51,17 @@ class ResourceEncryptor
 void EncryptChunk(unsigned char* inputBuf, unsigned char* encBuf, size_t chunkSize);
+ /* TrustZone */
+ int EncryptChunkByTrustZone(
+ std::string pkgid,
+ const unsigned char *plainBuffer,
+ int pBufSize);
+ void getEncStringByTrustZone(unsigned char *encBuffer);
+
 private:
 AES_KEY GetEncryptionkey();
 AES_KEY m_encKey;
+ void *m_getBuffer;
 };
 } //namespace WRTEncryptor
diff --git a/modules/encryption/src/resource_decryption.cpp b/modules/encryption/src/resource_decryption.cpp
index c599e64..d51adfb 100644
--- a/modules/encryption/src/resource_decryption.cpp
+++ b/modules/encryption/src/resource_decryption.cpp
@@ -27,13 +27,16 @@
 #include
 #include
 #include
+#include
+#include
 namespace {
 #define BITS_SIZE 128
 #define KEY_SIZE 16
 }
 namespace WRTDecryptor {
-ResourceDecryptor::ResourceDecryptor()
+ResourceDecryptor::ResourceDecryptor() :
+ m_getBuffer(NULL)
 {
 LogDebug("Started Decryption");
 }
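Review bot: `void getDecryptStringByTrustZone(unsigned char *decBuffer);` in resource_decryption.h, and `getEncStringByTrustZone` in resource_encryption.h, take an output pointer with no capacity, so the only bound on the copy is the caller having sized the buffer from the `int` returned by the preceding chunk call. Passing the capacity, e.g. `void getDecryptStringByTrustZone(unsigned char *decBuffer, size_t decBufSize);`, would let the implementation refuse a short buffer. The new `void *m_getBuffer;` member hides both the type and the ownership of what it points to, and no destructor change appears in these hunks (both class bodies start outside them). A doc comment stating the required call order, the meaning of the return value and who frees the result is missing, and `std::string pkgid` could be `const std::string &pkgid`.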
@@ -84,4 +87,41 @@ void ResourceDecryptor::GetDecryptedChunk(unsigned char*
 AES_cbc_encrypt(inBuf, decBuf, inBufSize, &m_decKey, ivec, AES_DECRYPT);
 LogDebug("Success decryption");
 }
+
+int ResourceDecryptor::DecryptChunkByTrustZone(
+ std::string pkgid, const unsigned char* inBuffer,
+ int inBufSize)
+{
+ using namespace Tizen::Base;
+
+ const byte *b_pkgid = reinterpret_cast(pkgid.c_str());
+ ByteBuffer appInfo;
+ appInfo.Construct(pkgid.length());
+ appInfo.SetArray(b_pkgid, 0, pkgid.length());
+ appInfo.Flip();
+
+ Tizen::Security::Crypto::_TrustZoneService* pInstance;
+ pInstance = Tizen::Security::Crypto::_TrustZoneService::GetInstance();
+
+ ByteBuffer pBuf;
+ pBuf.Construct(inBufSize);
+ const byte *pByte = reinterpret_cast(inBuffer);
+ pBuf.SetArray(pByte, 0, inBufSize);
+ pBuf.Flip();
+
+ ByteBuffer *getBuffer = pInstance->_TrustZoneService::DecryptN(appInfo, pBuf);
+
+ m_getBuffer = reinterpret_cast(getBuffer);
+ return getBuffer->GetRemaining();
+}
+
+void ResourceDecryptor::getDecryptStringByTrustZone(unsigned char *decBuffer)
+{
+ using namespace Tizen::Base;
+ LogDebug("Get decrypted string");
+ ByteBuffer *buffer = reinterpret_cast(m_getBuffer);
+ memcpy(decBuffer, buffer->GetPointer(), buffer->GetRemaining());
+ buffer->Reset();
+}
+
 } //namespace WRTDecryptor
diff --git a/modules/encryption/src/resource_encryption.cpp b/modules/encryption/src/resource_encryption.cpp
index 8dc5284..67f9061 100644
--- a/modules/encryption/src/resource_encryption.cpp
+++ b/modules/encryption/src/resource_encryption.cpp
@@ -25,13 +25,16 @@
 #include
 #include
 #include
+#include
+#include
 namespace {
 #define BITS_SIZE 128
 #define KEY_SIZE 16
 }
 namespace WRTEncryptor {
-ResourceEncryptor::ResourceEncryptor()
+ResourceEncryptor::ResourceEncryptor() :
+ m_getBuffer(NULL)
 {
 LogDebug("Started Encrytion");
 }
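Review bot: `DecryptChunkByTrustZone` in resource_decryption.cpp dereferences the result of `GetInstance()` and of `DecryptN` without checking either, so an unavailable TrustZone service or a failed decryption becomes a null dereference rather than an error the caller can handle; the results of `Construct` and `SetArray` are ignored too, and a negative `inBufSize` is passed straight through. Each call also overwrites `m_getBuffer` without releasing the previous result, and `getDecryptStringByTrustZone` only calls `Reset()` on it, so as far as these hunks show the buffer holding decrypted data is never freed, and calling the getter before a successful chunk call dereferences NULL. The sketch below assumes the caller owns the object returned by `DecryptN` and that a negative return is acceptable as an error signal; callers are outside this diff. `EncryptChunkByTrustZone` and `getEncStringByTrustZone` in resource_encryption.cpp have the same shape and need the same changes.

```cpp
    using namespace Tizen::Base;

    if (inBuffer == NULL || inBufSize <= 0) {
        return -1;
    }

    // … unchanged: appInfo is built from pkgid …

    Tizen::Security::Crypto::_TrustZoneService* pInstance =
        Tizen::Security::Crypto::_TrustZoneService::GetInstance();
    if (pInstance == NULL) {
        return -1;
    }

    // … unchanged: pBuf is built from inBuffer …

    ByteBuffer *getBuffer = pInstance->_TrustZoneService::DecryptN(appInfo, pBuf);
    if (getBuffer == NULL) {
        return -1;
    }

    // Free the result of an earlier call before replacing it.
    delete static_cast<ByteBuffer*>(m_getBuffer);
    m_getBuffer = getBuffer;
    return getBuffer->GetRemaining();
```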
@@ -83,4 +86,42 @@ void ResourceEncryptor::EncryptChunk(unsigned char*
 AES_cbc_encrypt(inputBuf, encBuf, chunkSize, &m_encKey, ivec, AES_ENCRYPT);
 }
+
+int ResourceEncryptor::EncryptChunkByTrustZone(
+ std::string pkgid,
+ const unsigned char *plainBuffer,
+ int pBufSize)
+{
+ using namespace Tizen::Base;
+
+ const byte *b_pkgid = reinterpret_cast(pkgid.c_str());
+ ByteBuffer appInfo;
+ appInfo.Construct(pkgid.length());
+ appInfo.SetArray(b_pkgid, 0, pkgid.length());
+ appInfo.Flip();
+
+ Tizen::Security::Crypto::_TrustZoneService* pInstance;
+ pInstance = Tizen::Security::Crypto::_TrustZoneService::GetInstance();
+
+ ByteBuffer pBuf;
+ pBuf.Construct(pBufSize);
+ const byte *pByte = reinterpret_cast(plainBuffer);
+ pBuf.SetArray(pByte, 0, pBufSize);
+ pBuf.Flip();
+
+ ByteBuffer *getBuffer =
+ pInstance->_TrustZoneService::EncryptN(appInfo, pBuf);
+ m_getBuffer = reinterpret_cast(getBuffer);
+
+ return getBuffer->GetRemaining();
+}
+
+void ResourceEncryptor::getEncStringByTrustZone(unsigned char *encBuffer)
+{
+ using namespace Tizen::Base;
+ LogDebug("Get encrypted String");
+ ByteBuffer *buffer = reinterpret_cast(m_getBuffer);
+ memcpy(encBuffer, buffer->GetPointer(), buffer->GetRemaining());
+ buffer->Reset();
+}
 } //namespace ResourceEnc
diff --git a/packaging/wrt-commons.spec b/packaging/wrt-commons.spec
index b072049..38f1302 100644
--- a/packaging/wrt-commons.spec
+++ b/packaging/wrt-commons.spec
@@ -23,9 +23,12 @@ BuildRequires: pkgconfig(libxml-2.0)
 BuildRequires: pkgconfig(openssl)
 BuildRequires: pkgconfig(libiri)
 BuildRequires: pkgconfig(libidn)
+BuildRequires: pkgconfig(osp-appfw)
 BuildRequires: libcryptsvc-devel
 BuildRequires: dukgenerator-devel
+BuildRequires: osp-appfw-internal-devel
 Requires: libcryptsvc
+Requires: osp-appfw
 %description
 Wrt common library